The Inquirer-Home

PHP users are warned of a bug

Don't install the 5.3.7 update
Tue Aug 23 2011, 14:36

USERS OF the web scripting language PHP have been warned not to download the latest version after the discovery of faulty components that could pose a security risk.

According to The INQUIRER's sister IT news web site, the PHP Group has warned against installing the 5.3.7 update and recommends waiting for PHP 5.3.8 later this week. The security organisation Sans Institute is also advising users to hold off on updating PHP.

This is because the 5.3.7 update contains a faulty encryption component that is unable to properly encrypt data. The flaw prevents the full encryption and proper handling of MD5 encoded data. It is considered serious enough to warrant bypassing the 5.3.7 release.

The PHP 5.3.7 build was released on 18 August, containing 90 bug fixes and performance enhancements as well as at least six security updates. The update was the largest for PHP since the March 2011 release of version 5.3.6. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Existing User
Please fill in the field below to receive your profile link.
Sign-up for the INQBot weekly newsletter
Click here
INQ Poll

Microsoft Windows 10 poll

Which feature of Windows 10 are you most excited about?